#');
$html_entities_replace = array('<', '>');
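/**
 * Reports whether a username is already present in the users table.
 *
 * The name is trimmed, runs of whitespace are collapsed to a single space and
 * the result is passed through phpbb_clean_username() before the lookup. The
 * lookup compares LOWER(username) with the lower-cased name, so it is
 * case-insensitive.
 *
 * @param string $pName Username to look for, as supplied by the caller.
 * @return bool True when a matching row exists; false when none exists or the
 *              query could not be run.
 */
function userExists($pName)
{
    global $db;

    // Remove doubled up spaces
    $pName = preg_replace('#\s+#', ' ', trim($pName));
    $pName = phpbb_clean_username($pName);

    // NOTE(review): the name is concatenated into the SQL text. This is only
    // injection-safe if phpbb_clean_username() (defined elsewhere) escapes
    // quotes for the database in use -- confirm against its definition.
    $sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($pName) . "'";

    $result = $db->sql_query($sql);
    if (!$result) {
        // The query failed, so there is no result handle to free.
        return false;
    }

    // The WHERE clause already decides what counts as the same name. A second,
    // case-sensitive comparison in PHP would report "alice" as free while
    // "Alice" is registered, allowing look-alike accounts to be created.
    $found = (bool) $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    return $found;
}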
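/**
 * Reads one value from the board configuration table.
 *
 * @param string $pKey Value of the config_name column to look up.
 * @return mixed The config_value column of the first matching row. When the
 *               query fails or no row matches, message_die() is called and
 *               null is returned if that call comes back.
 */
function getDefaultConfig($pKey)
{
    global $db;

    // NOTE(review): $pKey is placed in the SQL text unescaped. The callers
    // visible in this file pass fixed literals; never pass request data here.
    $sql = "SELECT config_value
FROM " . CONFIG_TABLE . "
WHERE config_name = '$pKey'";

    // Built by concatenation: inside single quotes "$pKey" is not expanded,
    // so the message would otherwise show the literal text "$pKey".
    // Escaped in case message_die() renders the text as HTML -- TODO confirm.
    $failureText = 'Could not access default config value for ' . htmlspecialchars($pKey);

    $result = $db->sql_query($sql);
    if (!$result) {
        message_die(GENERAL_ERROR, $failureText);
        // Only reached if message_die() returns; there is no result to read.
        return null;
    }

    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if ($row) {
        return $row['config_value'];
    }

    message_die(GENERAL_ERROR, $failureText);
    return null;
}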
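/**
 * Returns the board's default date format string.
 *
 * @return string The "default_dateformat" config value, or "Y-m-d" if the
 *                value is null and message_die() returns.
 */
function getDefaultDateFormat()
{
    $theValue = getDefaultConfig("default_dateformat");
    if (isset($theValue)) {
        return $theValue;
    }

    // No query is built in this function, so there is no SQL text to report;
    // an empty string is passed instead of an undefined $sql variable.
    message_die(GENERAL_ERROR, 'Could not select default dateformat', '', __LINE__, __FILE__, '');

    return "Y-m-d";
}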
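/**
 * Returns the board's timezone offset.
 *
 * @return float|int The "board_timezone" config value converted to a float,
 *                   or -8 if the value is null and message_die() returns.
 */
function getBoardTimezone()
{
    $theValue = getDefaultConfig("board_timezone");
    if (isset($theValue)) {
        // The value is later written into SQL unquoted by addUser(), so it
        // must leave here as a number, never as the raw config string.
        return floatval($theValue);
    }

    // No query is built in this function, so there is no SQL text to report;
    // an empty string is passed instead of an undefined $sql variable.
    message_die(GENERAL_ERROR, 'Could not select board timezone', '', __LINE__, __FILE__, '');

    return -8;
}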
/**
 * Computes the id to give the next user: the largest user_id in the users
 * table plus one.
 *
 * NOTE(review): this function takes no lock and opens no transaction, so two
 * concurrent callers can be handed the same id. Whether the users table
 * rejects a duplicate user_id is not visible here -- confirm.
 *
 * @return int|float MAX(user_id) + 1.
 */
function getNextUserId()
{
    global $db;

    $failureText = 'Could not obtain next user_id information';
    $sql = "SELECT MAX(user_id) AS total
FROM " . USERS_TABLE;

    $result = $db->sql_query($sql);
    if (!$result) {
        message_die(GENERAL_ERROR, $failureText, '', __LINE__, __FILE__, $sql);
    }

    $row = $db->sql_fetchrow($result);
    if (!$row) {
        message_die(GENERAL_ERROR, $failureText, '', __LINE__, __FILE__, $sql);
    }

    return $row['total'] + 1;
}
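/**
 * Creates a user: one row in the users table, one single-user group, and the
 * row linking the two. The three inserts are sent with BEGIN_TRANSACTION on
 * the first and END_TRANSACTION on the last.
 *
 * NOTE(review): the id comes from getNextUserId() before the transaction is
 * opened, so concurrent calls can collide on user_id. When a later insert
 * fails, message_die() is called; whether that rolls back the open
 * transaction is not visible here -- confirm.
 *
 * @param string $pName     Username to create.
 * @param string $pPassword Plain-text password to hash and store.
 * @return void
 */
function addUser($pName, $pPassword)
{
    global $db;

    // Store the name in the same normalised form userExists() looks up.
    // Inserting the raw value would let "a  b" pass the existence check as
    // "a b" and then be saved as a different string, and would put the
    // caller's text into the SQL below without going through
    // phpbb_clean_username() at all.
    // NOTE(review): this relies on phpbb_clean_username() escaping quotes for
    // SQL -- confirm against its definition.
    $pName = preg_replace('#\s+#', ' ', trim($pName));
    $pName = phpbb_clean_username($pName);

    $theUserId = getNextUserId();

    // NOTE(review): unsalted MD5 is fast to brute-force and unsuitable for
    // password storage. It is left unchanged because the stored value has to
    // match what the board's login code verifies, which is not visible here;
    // move both sides together to password_hash()/password_verify().
    $thePassword = md5($pPassword);

    $theRegDate = time();
    $theTimezone = getBoardTimezone();
    // NOTE(review): written into the SQL inside quotes without escaping; a
    // configured date format containing a quote would break the statement.
    $theDateFormat = getDefaultDateFormat();

    $sql = "INSERT INTO " . USERS_TABLE . " (user_id, user_active, username, user_password, user_regdate, user_level, user_timezone, user_style, user_lang, user_dateformat) VALUES ($theUserId, 1, '$pName', '$thePassword', $theRegDate, 0, $theTimezone, 1, 'english', '$theDateFormat')";
    if (!($result = $db->sql_query($sql, BEGIN_TRANSACTION))) {
        message_die(GENERAL_ERROR, 'add new user failed', '', __LINE__, __FILE__, $sql);
    }

    // Every user gets a personal, single-user group.
    $sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
VALUES ('', 'Personal User', 1, 0)";
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
    }

    // Id generated by the groups insert, used to link the user to the group.
    $group_id = $db->sql_nextid();

    $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
VALUES ($theUserId, $group_id, 0)";
    if (!($result = $db->sql_query($sql, END_TRANSACTION))) {
        message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
    }
}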
//
// Set mode
//
// A POSTed mode takes precedence over one in the query string; either one is
// HTML-escaped before use. With neither present the mode is the empty string.
$mode = '';
if (isset($HTTP_POST_VARS['mode'])) {
    $mode = htmlspecialchars($HTTP_POST_VARS['mode']);
} elseif (isset($HTTP_GET_VARS['mode'])) {
    $mode = htmlspecialchars($HTTP_GET_VARS['mode']);
}

//
// Begin program
//
// Credentials are accepted from POST only and default to empty strings. They
// are taken as submitted: no trimming, escaping or length check happens here.
$theUsername = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : "";
$thePassword = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : "";
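// Request handling: with mode "add" and both fields filled in, create the
// user and show a confirmation; otherwise emit the static page text.
if ( ($mode == 'add') && ($theUsername != "") && ($thePassword != "") )
{
    //
    // add user now
    //

    //
    // see if the user already exists
    //
    // NOTE(review): check-then-insert is not atomic. Two simultaneous
    // requests for the same name can both pass this test; only a unique
    // constraint on the username column (not visible here) would stop the
    // second insert.
    if (userExists($theUsername)) {
        message_die(GENERAL_ERROR, "username already exists in database");
    }

    //
    // insert entry in DB
    //
    addUser($theUsername, $thePassword);

    //
    // finishing message
    //
    // NOTE(review): $message is appended to without being initialised in the
    // visible code. If nothing earlier in the file sets it, assign with "="
    // so no stray or externally supplied value ends up in the output.
    $message .= "user added successfully";
    $message .= '
' . sprintf($lang['Click_return_useradmin'], '', '') . '
' . sprintf($lang['Click_return_admin_index'], '', '');

    message_die(GENERAL_MESSAGE, $message);
}
else
{
    // quick and dirty direct html
?>
User details may be edited from Management
Both username and password must be specified
<?php
    // Back in PHP mode: without this opening tag the brace and the include
    // below are sent to the browser as text and the else block never closes.
}

include('./page_footer_admin.'.$phpEx);
?>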